[ previous ] [ next ] [ threads ]
 
 From:  Raphael Maunier <raphael at maunier dot net>
 To:  "James W. McKeand" <james at mckeand dot biz>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Is this possible with m0n0wall ?
 Date:  Tue, 11 Jan 2005 16:48:50 +0100
James W. McKeand wrote:

>Pieterjan Heyse wrote:
>  
>
>>Hello guys,
>>
>>I have a question about m0n0wall. I want to create this kind of
>>network :
>>
>>LAN A --- m0n0 --- Wireless A --|--- WirelessB ---- m0n0 --- LAN B
>>
>>I am currently testing without the wireless bit so I have this setup
>>    
>>
>:
>  
>
>>LAN A --- m0n0 --Xcable-- m0n0 --- LAN B
>>
>>LAN A : 172.16.10.0/24
>>m0n0 on lan A : 172.16.10.253
>>WAN ip : 172.31.1.1
>>
>>LAN B : 192.168.123.0/24
>>m0n0 on lan B : 192.168.123.253
>>WAN ip : 172.31.1.2
>>
>>I am not able to ping m0n0 B (LAN and WAN side) from LAN A. I am
>>    
>>
>able
>  
>
>>to ping m0n0 A and WAN A from lan A. Do I need to add some firewall
>>rules or routing rules ?
>>    
>>
>
>Take a look at establishing an IPSEC VPN between the m0n0walls.
>Otherwise you will have to establish static routes *AND* firewall/NAT
>rules. Ping is not working because the m0n0walls are blocking ICMP on
>the WAN interfaces (actually blocking everything - assuming that you
>have not changed the default rules...)
>
>Once you go wireless for your WAN interface you will want *SOME*
>security between the m0n0s - IPSEC VPN will do it...
>
>_________________________________
>James W. McKeand
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>  
>
I've already tested this configuration with 2 linksys wap54g in 
"wireless bridge mode" and it's worked.

config was :

LAN A --- m0n0 --- Wireless A --|--- WirelessB ---- m0n0 --- LAN B

LAN A : 192.168.100.0/24
WAN A : 192.168.0.1/30

WAN B : 192.168.0.2/30
LAN B : 192.168.101.0/24

Ipsec configured as usual (like a Xcable)

Regards,